
ISO/IEC 27001 is the international standard for information security management systems (ISMS). MICAN.ro assists companies in Romania with gap analysis, Annex A control implementation, and ISO 27001 certification preparation.

What is ISO 27001?

ISO 27001 is the most recognized international standard for information security. It defines requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). ISO 27001:2022 includes Annex A, with 93 controls organized into 4 categories: Organizational (37), People (8), Physical (14), and Technological (34). ISO 27001 certification demonstrates to clients, partners, and authorities that an organization in Romania manages information security systematically.

The 4 Annex A categories

How do we assist with ISO 27001?

MICAN.ro offers: Gap Analysis (evaluation of the current implementation of the 93 Annex A controls), Risk Assessment according to ISO 27005, technical control implementation (access control, cryptography, logging, backup, network security), ISMS documentation (policies, procedures, plans), employee awareness training, a pre-certification internal audit, and assistance during the certification audit. We help companies in Romania become ISO 27001 certified in 6-12 months.

Why is it important?

ISO 27001 is required by: enterprise B2B clients (especially from the EU and USA), public tenders and government contracts, GDPR Article 32 requirements (technical and organizational measures), cyber insurance (premium reduction), and sectoral compliance (fintech, healthcare). Companies in Romania certified to ISO 27001 have a significant competitive advantage and access to international markets. Certification reduces breach risk and demonstrates due diligence in the event of an incident.

ISO 27001 certification benefits

Why MICAN.ro?

ISO 27001:2022
Gap Analysis
93 Annex A controls
Risk Assessment
Technical implementation
Certification assistance